Contents

1. Data Controller
2. Data We Collect
3. Purposes of Processing
4. Legal Bases
5. Sharing & International Transfers
6. Retention
7. Security
8. Your Rights
9. Contact

1) Data Controller

NGA Plast acts as the data controller for personal data processed via this website. Corporate details and contact channels are available on the Contact page.

2) Data We Collect

• Contact data: name, email, phone, company details shared via forms or email.
• Technical data: IP address, device/browser info, logs, page views and interactions.
• Cookie data: cookie preferences and analytics data (subject to consent where applicable).
• B2B relationship data: corporate communication details received during commercial processes.

3) Purposes of Processing

• Responding to inquiries and providing communication
• Handling B2B processes: offers, technical information, after-sales support
• Improving website performance, ensuring security and fixing errors
• Meeting legal obligations
• Marketing/analytics activities (with consent where required)

4) Legal Bases

Depending on the context, we may process personal data based on:

• Performance of a contract or steps prior to entering a contract
• Compliance with a legal obligation
• Legitimate interests (e.g., security, fraud prevention, service improvement) without overriding your rights
• Consent (e.g., marketing cookies, newsletters), where required

5) Sharing & International Transfers

Data may be shared only to the extent necessary and under controlled conditions with:

• IT/hosting providers (hosting, email delivery, security services)
• Analytics tools (subject to consent where required)
• Authorized public bodies (where legally required)

If international transfer is required, we apply appropriate safeguards under applicable laws (e.g., standard contractual clauses or other valid transfer mechanisms).

6) Retention

Personal data is retained only for as long as needed for the relevant purpose and in line with legal retention requirements. After that, it is deleted, destroyed or anonymized.

7) Security

• Role-based access controls and authorization
• Up-to-date infrastructure and security monitoring
• Where needed: encryption, logging and threat prevention
• Technical and organizational measures against unauthorized access and misuse

8) Your Rights

Subject to applicable law, you may have the right to access, rectify, erase, restrict processing, object to processing, withdraw consent and request data portability.

9) Contact

For privacy-related requests, please use the Contact page and include your request details for faster processing.